News Archives • Page 176 of 631 • Daily CyberSecurity

CVE-2025-41243 (CVSS 10): Critical Spring Cloud Gateway Server WebFlux Flaw Exposes Property Modification Risk Spring Cloud Config CVE-2026-22739 Spring Gateway SpEL, STOMP WebSocket CSRF Spring Security, vulnerability CVE-2024-38819 CVE-2025-41243 Spring Cloud Gateway, vulnerability

Spring Cloud Config CVE-2026-22739 Spring Gateway SpEL, STOMP WebSocket CSRF Spring Security, vulnerability CVE-2024-38819 CVE-2025-41243 Spring Cloud Gateway, vulnerability

CVE-2025-41243 (CVSS 10): Critical Spring Cloud Gateway Server WebFlux Flaw Exposes Property Modification Risk

Ddos September 9, 2025

Spring has disclosed a critical vulnerability in Spring Cloud Gateway Server WebFlux that allows attackers to modify...

CVSS 9.8 Flaw in macOS Allows Apps to Access Protected User Data, PoC Available macOS vulnerability, file copy APIs

CVSS 9.8 Flaw in macOS Allows Apps to Access Protected User Data, PoC Available

Ddos September 9, 2025

Security researcher Mickey Jin (@patch1t) has uncovered a critical vulnerability in Apple’s file copy APIs that could...

Salat Stealer: A New Go-Based MaaS Is Hijacking Browsers and Crypto Wallets Salat Stealer, MaaS

Salat Stealer: A New Go-Based MaaS Is Hijacking Browsers and Crypto Wallets

Ddos September 9, 2025

CYFIRMA has released an in-depth analysis of Salat Stealer (also known as WEB_RAT), a sophisticated Go-based malware...

Malicious npm Packages Impersonate Flashbots SDKs to Steal Ethereum Wallet Credentials Ethereum, npm supply chain

Malicious npm Packages Impersonate Flashbots SDKs to Steal Ethereum Wallet Credentials

Ddos September 9, 2025

Socket’s Threat Research Team has uncovered a coordinated supply chain attack targeting the Ethereum ecosystem through four...

From CastleLoader to CastleRAT: TAG-150’s Multi-Tiered Cyber Arsenal Expands AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

From CastleLoader to CastleRAT: TAG-150’s Multi-Tiered Cyber Arsenal Expands

Ddos September 9, 2025

Security researchers at Insikt Group have uncovered a major advancement in the operations of a newly designated...

Mozilla to End Support for Firefox on 32-bit Linux in 2026 Firefox 32-bit Linux Firefox, CRLite Firefox 141, AI Tab Groups Firefox Focus Android

Mozilla to End Support for Firefox on 32-bit Linux in 2026

Ddos September 8, 2025

Among mainstream software, support for 32-bit operating systems has become increasingly rare. Yet the Mozilla Foundation has,...

Microsoft Is Discontinuing Outlook Lite: What to Do Next Exfil Out&Look Microsoft 365 Logging Gap Outlook Classic KB5074109 freeze, January 2026 POP3 PST bug Outlook Classic POP3 freeze, KB5074109 Windows 11 bug Outlook, CPU Usage Outlook lag Outlook Lite discontinued

Exfil Out&Look Microsoft 365 Logging Gap Outlook Classic KB5074109 freeze, January 2026 POP3 PST bug Outlook Classic POP3 freeze, KB5074109 Windows 11 bug Outlook, CPU Usage Outlook lag Outlook Lite discontinued

Microsoft Is Discontinuing Outlook Lite: What to Do Next

Ddos September 8, 2025

According to a support bulletin issued by Microsoft, the company has decided to cease development of the...

The End of an Era? Nova Launcher’s Future Is Now in Doubt Nova Launcher, Branch acquisition

The End of an Era? Nova Launcher’s Future Is Now in Doubt

Ddos September 8, 2025

Nova Launcher is perhaps the most renowned and widely used third-party Android launcher. In 2022, it was...

Mozilla Keeps Extending Firefox Support for Windows 7 Sanitizer API Firefox 148 Security Firefox WebRTC Vulnerability CVE-2025-14321 PoC Firefox VPN Feature, Browser-Only VPN Firefox Add-ons Rollback Firefox Encryption Firefox MKV support Firefox ESR, Windows 7

Sanitizer API Firefox 148 Security Firefox WebRTC Vulnerability CVE-2025-14321 PoC Firefox VPN Feature, Browser-Only VPN Firefox Add-ons Rollback Firefox Encryption Firefox MKV support Firefox ESR, Windows 7

Mozilla Keeps Extending Firefox Support for Windows 7

Ddos September 8, 2025

Since 2023, the Mozilla Foundation has been gradually phasing out support for legacy operating systems, including Windows...

PgAdmin Flaw Exposes Accounts to OAuth Hijacking Attacks CVE-2024-2044 pgAdmin, OAuth vulnerability

PgAdmin Flaw Exposes Accounts to OAuth Hijacking Attacks

Ddos September 8, 2025

The developers of pgAdmin, the most widely used open-source administration and development platform for PostgreSQL, have patched...

CVE-2025-57807: A Critical Flaw in ImageMagick Could Lead to RCE, PoC Available ImageMagick, heap out-of-bounds write

CVE-2025-57807: A Critical Flaw in ImageMagick Could Lead to RCE, PoC Available

Ddos September 8, 2025

Security researcher Lumina Mescuwa has disclosed a critical vulnerability in ImageMagick, tracked as CVE-2025-57807 (CVSS 9.8). The...

Azure to Enforce MFA for All Resource Management Operations Azure outage, Front Door Microsoft Azure Surveillance, Gaza Call Records Red Sea cables, Azure outage MFA enforcement Azure outage, Red Sea cables Azure Key Vault Azure, Surveillance

Azure outage, Front Door Microsoft Azure Surveillance, Gaza Call Records Red Sea cables, Azure outage MFA enforcement Azure outage, Red Sea cables Azure Key Vault Azure, Surveillance

Azure to Enforce MFA for All Resource Management Operations

Ddos September 8, 2025

As cyberattacks grow in frequency, sophistication, and impact, Microsoft is doubling down on its commitment to protect...

A New Threat to Artists: Hackers Threaten to Feed Stolen Art to AI AI extortion, artists' rights

A New Threat to Artists: Hackers Threaten to Feed Stolen Art to AI

Ddos September 8, 2025

For content creators, the unauthorized scraping of their work by AI companies for training artificial intelligence models...

Microsoft Access 2016/2019 Is Nearing End-of-Life Smart App Control blocking Armoury Crate, ROG Ally Defender false positive 2026 Microsoft Zero-Day, Cloud Files UAF Microsoft Access end of life CVE-2025-21298 Azure Vulnerabilities

Smart App Control blocking Armoury Crate, ROG Ally Defender false positive 2026 Microsoft Zero-Day, Cloud Files UAF Microsoft Access end of life CVE-2025-21298 Azure Vulnerabilities

Microsoft Access 2016/2019 Is Nearing End-of-Life

Ddos September 8, 2025

A wide range of Microsoft products will reach the end of their lifecycle in October 2025. Alongside...

CVE-2025-58782: Apache Jackrabbit Vulnerability Exposes Systems to JNDI Injection and RCE Apache Jackrabbit, JNDI injection CVE-2023-37895 Apache Jackrabbit, XXE Vulnerability

CVE-2025-58782: Apache Jackrabbit Vulnerability Exposes Systems to JNDI Injection and RCE

Ddos September 8, 2025

The Apache Software Foundation has disclosed a new vulnerability in Apache Jackrabbit Core and JCR Commons, tracked...

Microsoft Gives U.S. University Students Free Microsoft 365 Personal student discount Microsoft 365, Intelligent Services Microsoft 365 UWP, App Deprecation Microsoft 365, Startup Boost Windows 10 EOL, Microsoft 365 Support Protocol Deprecation Microsoft 365 Updates, IT Admin Alert Microsoft 365 VPN shut down Microsoft Authenticator, password manager Windows 10 Microsoft 365 Microsoft nonprofit policy, software donations

student discount Microsoft 365, Intelligent Services Microsoft 365 UWP, App Deprecation Microsoft 365, Startup Boost Windows 10 EOL, Microsoft 365 Support Protocol Deprecation Microsoft 365 Updates, IT Admin Alert Microsoft 365 VPN shut down Microsoft Authenticator, password manager Windows 10 Microsoft 365 Microsoft nonprofit policy, software donations

Microsoft Gives U.S. University Students Free Microsoft 365 Personal

Ddos September 8, 2025

Microsoft has announced that it will provide all university students across the United States with a free...

iPhone 17 Air: A Beautifully Thin Phone, but with Major Compromises iPhone 17 Air, ultra-thin design iPhone Reverse charging Apple AI, Siri Overhaul iOS 26 Features

iPhone 17 Air, ultra-thin design iPhone Reverse charging Apple AI, Siri Overhaul iOS 26 Features

iPhone 17 Air: A Beautifully Thin Phone, but with Major Compromises

Ddos September 8, 2025

Apple has announced that its autumn keynote will take place on September 9 at 10:00 a.m. Pacific...

Qualcomm CEO: Intel’s Foundry Is Not Ready for Our Chips Qualcomm support updates vs. Arm

Qualcomm CEO: Intel’s Foundry Is Not Ready for Our Chips

Ddos September 8, 2025

In the smartphone chip foundry sector, Taiwan Semiconductor Manufacturing Company (TSMC) and Samsung dominate, while Intel—despite heavy...

iOS 26 Finally Unlocks Full-Resolution Screen Recording Apple Russia payment suspension iOS 26.3 Proximity Pairing, Apple DMA compliance 2026 Tap to Pay, Apple Pay Wireless charging Always-On Display, iOS 26 iOS 26, EU App APIs Rare Earths, Apple Supply Chain